package com.ruoyi.common.xss;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import com.ruoyi.common.utils.html.EscapeUtil;

/**
 * XSS过滤处理
 * 
 * @author ruoyi
 */
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper{
	/**
	 * @param request
	 */
	public XssHttpServletRequestWrapper(HttpServletRequest request){
		super(request);
	}

	@Override
	public String[] getParameterValues(String name){
		String[] values = super.getParameterValues(name);
		if(values != null){
			int length = values.length;
			String[] escapseValues = new String[length];
			for(int i = 0; i < length; i++){
				// 防xss攻击和过滤前后空格
				escapseValues[i] = EscapeUtil.clean(values[i]).trim();
			}
			return escapseValues;
		}
		return super.getParameterValues(name);
	}
}
